CVE-2021-23840: Integer overflow in CipherUpdate
First published: Tue Feb 16 2021(Updated: )
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
Credit: openssl-security@openssl.org openssl-security@openssl.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/jbcs-httpd24-apr | <0:1.6.3-107.el8 | 0:1.6.3-107.el8 |
| redhat/jbcs-httpd24-apr-util | <0:1.6.1-84.el8 | 0:1.6.1-84.el8 |
| redhat/jbcs-httpd24-curl | <0:7.78.0-2.el8 | 0:7.78.0-2.el8 |
| redhat/jbcs-httpd24-httpd | <0:2.4.37-78.el8 | 0:2.4.37-78.el8 |
| redhat/jbcs-httpd24-nghttp2 | <0:1.39.2-39.el8 | 0:1.39.2-39.el8 |
| redhat/jbcs-httpd24-openssl | <1:1.1.1g-8.el8 | 1:1.1.1g-8.el8 |
| redhat/jbcs-httpd24-openssl-chil | <0:1.0.0-7.el8 | 0:1.0.0-7.el8 |
| redhat/jbcs-httpd24-openssl-pkcs11 | <0:0.4.10-22.el8 | 0:0.4.10-22.el8 |
| redhat/jbcs-httpd24-apr | <0:1.6.3-107.jbcs.el7 | 0:1.6.3-107.jbcs.el7 |
| redhat/jbcs-httpd24-apr-util | <0:1.6.1-84.jbcs.el7 | 0:1.6.1-84.jbcs.el7 |
| redhat/jbcs-httpd24-curl | <0:7.78.0-2.jbcs.el7 | 0:7.78.0-2.jbcs.el7 |
| redhat/jbcs-httpd24-httpd | <0:2.4.37-78.jbcs.el7 | 0:2.4.37-78.jbcs.el7 |
| redhat/jbcs-httpd24-nghttp2 | <0:1.39.2-39.jbcs.el7 | 0:1.39.2-39.jbcs.el7 |
| redhat/jbcs-httpd24-openssl | <1:1.1.1g-8.jbcs.el7 | 1:1.1.1g-8.jbcs.el7 |
| redhat/jbcs-httpd24-openssl-chil | <0:1.0.0-7.jbcs.el7 | 0:1.0.0-7.jbcs.el7 |
| redhat/jbcs-httpd24-openssl-pkcs11 | <0:0.4.10-22.jbcs.el7 | 0:0.4.10-22.jbcs.el7 |
| redhat/openssl | <1:1.0.2k-22.el7_9 | 1:1.0.2k-22.el7_9 |
| redhat/edk2 | <0:20210527gite1999b264f1f-3.el8 | 0:20210527gite1999b264f1f-3.el8 |
| redhat/openssl | <1:1.1.1k-4.el8 | 1:1.1.1k-4.el8 |
| redhat/jws5-tomcat | <0:9.0.50-3.redhat_00004.1.el7 | 0:9.0.50-3.redhat_00004.1.el7 |
| redhat/jws5-tomcat-native | <0:1.2.30-3.redhat_3.el7 | 0:1.2.30-3.redhat_3.el7 |
| redhat/jws5-tomcat-vault | <0:1.1.8-4.Final_redhat_00004.1.el7 | 0:1.1.8-4.Final_redhat_00004.1.el7 |
| redhat/jws5-tomcat | <0:9.0.50-3.redhat_00004.1.el8 | 0:9.0.50-3.redhat_00004.1.el8 |
| redhat/jws5-tomcat-native | <0:1.2.30-3.redhat_3.el8 | 0:1.2.30-3.redhat_3.el8 |
| redhat/jws5-tomcat-vault | <0:1.1.8-4.Final_redhat_00004.1.el8 | 0:1.1.8-4.Final_redhat_00004.1.el8 |
| OpenSSL OpenSSL | >=1.0.2<1.0.2y | |
| OpenSSL OpenSSL | >=1.1.1<1.1.1j | |
| Debian Debian Linux | =10.0 | |
| Tenable Log Correlation Engine | <6.0.8 | |
| Tenable Nessus Network Monitor | =5.11.0 | |
| Tenable Nessus Network Monitor | =5.11.1 | |
| Tenable Nessus Network Monitor | =5.12.0 | |
| Tenable Nessus Network Monitor | =5.12.1 | |
| Tenable Nessus Network Monitor | =5.13.0 | |
| Oracle Business Intelligence | =5.5.0.0.0 | |
| Oracle Business Intelligence | =5.9.0.0.0 | |
| Oracle Business Intelligence | =12.2.1.3.0 | |
| Oracle Business Intelligence | =12.2.1.4.0 | |
| Oracle Communications Cloud Native Core Policy | =1.15.0 | |
| Oracle Enterprise Manager For Storage Management | =13.4.0.0 | |
| Oracle Enterprise Manager Ops Center | =12.4.0.0 | |
| Oracle GraalVM | =19.3.5 | |
| Oracle GraalVM | =20.3.1.2 | |
| Oracle GraalVM | =21.0.0.2 | |
| Oracle Jd Edwards Enterpriseone Tools | <9.2.6.0 | |
| Oracle Jd Edwards World Security | =a9.4 | |
| Oracle Mysql Server | <5.7.33 | |
| Oracle Mysql Server | >=8.0.15<8.0.23 | |
| Oracle Nosql Database | <20.3 | |
| McAfee ePolicy Orchestrator | <5.10.0 | |
| McAfee ePolicy Orchestrator | =5.10.0 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_1 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_10 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_2 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_3 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_4 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_5 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_6 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_7 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_8 | |
| McAfee ePolicy Orchestrator | =5.10.0-update_9 | |
| Fujitsu M10-1 Firmware | <xcp2410 | |
| Fujitsu M10-1 | ||
| Fujitsu M10-4 Firmware | <xcp2410 | |
| Fujitsu M10-4 | ||
| Fujitsu M10-4s Firmware | <xcp2410 | |
| Fujitsu M10-4s | ||
| Fujitsu M12-1 Firmware | <xcp2410 | |
| Fujitsu M12-1 | ||
| Fujitsu M12-2 Firmware | <xcp2410 | |
| Fujitsu M12-2 | ||
| Fujitsu M12-2s Firmware | <xcp2410 | |
| Fujitsu M12-2s | ||
| Fujitsu M10-1 Firmware | <xcp3110 | |
| Fujitsu M10-4 Firmware | <xcp3110 | |
| Fujitsu M10-4s Firmware | <xcp3110 | |
| Fujitsu M12-1 Firmware | <xcp3110 | |
| Fujitsu M12-2 Firmware | <xcp3110 | |
| Fujitsu M12-2s Firmware | <xcp3110 | |
| Nodejs Node.js | >=10.0.0<=10.12.0 | |
| Nodejs Node.js | >=10.13.0<10.24.0 | |
| Nodejs Node.js | >=12.0.0<=12.12.0 | |
| Nodejs Node.js | >=12.13.0<12.21.0 | |
| Nodejs Node.js | >=14.0.0<=14.14.0 | |
| Nodejs Node.js | >=15.0.0<15.10.0 | |
| Nodejs Node.js | =14.15.0 | |
| All of | ||
| Fujitsu M10-1 Firmware | <xcp2410 | |
| Fujitsu M10-1 | ||
| All of | ||
| Fujitsu M10-4 Firmware | <xcp2410 | |
| Fujitsu M10-4 | ||
| All of | ||
| Fujitsu M10-4s Firmware | <xcp2410 | |
| Fujitsu M10-4s | ||
| All of | ||
| Fujitsu M12-1 Firmware | <xcp2410 | |
| Fujitsu M12-1 | ||
| All of | ||
| Fujitsu M12-2 Firmware | <xcp2410 | |
| Fujitsu M12-2 | ||
| All of | ||
| Fujitsu M12-2s Firmware | <xcp2410 | |
| Fujitsu M12-2s | ||
| All of | ||
| Fujitsu M10-1 Firmware | <xcp3110 | |
| Fujitsu M10-1 | ||
| All of | ||
| Fujitsu M10-4 Firmware | <xcp3110 | |
| Fujitsu M10-4 | ||
| All of | ||
| Fujitsu M10-4s Firmware | <xcp3110 | |
| Fujitsu M10-4s | ||
| All of | ||
| Fujitsu M12-1 Firmware | <xcp3110 | |
| Fujitsu M12-1 | ||
| All of | ||
| Fujitsu M12-2 Firmware | <xcp3110 | |
| Fujitsu M12-2 | ||
| All of | ||
| Fujitsu M12-2s Firmware | <xcp3110 | |
| Fujitsu M12-2s | ||
| IBM Security Verify Bridge | <=All | |
| redhat/openssl | <1.1.1 | 1.1.1 |
| redhat/openssl | <1.0.2 | 1.0.2 |
| debian/openssl | 1.1.1w-0+deb11u1 1.1.1w-0+deb11u2 3.0.15-1~deb12u1 3.0.14-1~deb12u2 3.3.2-2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2021-23840 https://nvd.nist.gov/vuln/detail/CVE-2021-23840 https://www.openssl.org/news/secadv/20210216.txt
- https://bugzilla.redhat.com/show_bug.cgi?id=1930324
- https://access.redhat.com/errata/RHSA-2021:4614
- https://access.redhat.com/errata/RHSA-2021:3016
- https://access.redhat.com/errata/RHSA-2021:3798
- https://access.redhat.com/errata/RHSA-2021:4198
- https://access.redhat.com/errata/RHSA-2021:4424
- https://access.redhat.com/errata/RHSA-2021:4613
- https://access.redhat.com/errata/RHSA-2021:4863
- https://access.redhat.com/errata/RHSA-2021:4861
- https://access.redhat.com/security/cve/cve-2021-23840
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846
- https://kc.mcafee.com/corporate/index?page=content&id=SB10366
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://security.gentoo.org/glsa/202103-03
- https://security.netapp.com/advisory/ntap-20210219-0009/
- https://www.debian.org/security/2021/dsa-4855
- https://www.openssl.org/news/secadv/20210216.txt
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.tenable.com/security/tns-2021-03
- https://www.tenable.com/security/tns-2021-09
- https://www.tenable.com/security/tns-2021-10
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1930328
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1930327
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1930325
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1930326
- https://github.com/openssl/openssl/commit/6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1
- https://access.redhat.com/support/policy/updates/jboss_notes
- https://access.redhat.com/errata/RHSA-2021:1168
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
- https://security.netapp.com/advisory/ntap-20240621-0006/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/196848
- https://www.ibm.com/support/pages/node/6491653 (Advisory)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840
- https://nvd.nist.gov/vuln/detail/CVE-2021-23840
- https://launchpad.net/bugs/cve/CVE-2021-23840
- https://security-tracker.debian.org/tracker/CVE-2021-23840
- https://ubuntu.com/security/CVE-2021-23840
- https://kc.mcafee.com/corporate/index?page=content&id=SB10366
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the vulnerability ID for this OpenSSL vulnerability?
The vulnerability ID for this OpenSSL vulnerability is CVE-2021-23840.
What is the severity of CVE-2021-23840?
CVE-2021-23840 has a severity level of high.
What is the impact of CVE-2021-23840?
CVE-2021-23840 can cause a denial of service (DoS) due to an integer overflow in CipherUpdate.
How can I fix CVE-2021-23840?
To fix CVE-2021-23840, update OpenSSL to the recommended version provided by the vendor.
Where can I find more information about CVE-2021-23840?
You can find more information about CVE-2021-23840 on the IBM X-Force Exchange website and the OpenSSL website.
- collector/redhat-cve
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/remedy
- agent/severity
- agent/weakness
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-23840
- agent/software-canonical-lookup
- agent/title
- collector/nvd-api
- source/NVD
- agent/author
- collector/ibm-support
- source/IBM
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/usn-cve
- source/Ubuntu
- agent/tags
- agent/references
- agent/description
- agent/event
- collector/launchpad-cve
- source/Launchpad
- collector/security-tracker-debian
- source/Debian
- collector/nvd-cve
- package-manager/redhat
- vendor/openssl
- canonical/openssl openssl
- version/openssl openssl/1.0.2
- version/openssl openssl/1.1.1
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0
- vendor/tenable
- canonical/tenable log correlation engine
- canonical/tenable nessus network monitor
- version/tenable nessus network monitor/5.11.0
- version/tenable nessus network monitor/5.11.1
- version/tenable nessus network monitor/5.12.0
- version/tenable nessus network monitor/5.12.1
- version/tenable nessus network monitor/5.13.0
- vendor/oracle
- canonical/oracle business intelligence
- version/oracle business intelligence/5.5.0.0.0
- version/oracle business intelligence/5.9.0.0.0
- version/oracle business intelligence/12.2.1.3.0
- version/oracle business intelligence/12.2.1.4.0
- canonical/oracle communications cloud native core policy
- version/oracle communications cloud native core policy/1.15.0
- canonical/oracle enterprise manager for storage management
- version/oracle enterprise manager for storage management/13.4.0.0
- canonical/oracle enterprise manager ops center
- version/oracle enterprise manager ops center/12.4.0.0
- canonical/oracle graalvm
- version/oracle graalvm/19.3.5
- version/oracle graalvm/20.3.1.2
- version/oracle graalvm/21.0.0.2
- canonical/oracle jd edwards enterpriseone tools
- canonical/oracle jd edwards world security
- version/oracle jd edwards world security/a9.4
- canonical/oracle mysql server
- version/oracle mysql server/8.0.15
- canonical/oracle nosql database
- vendor/mcafee
- canonical/mcafee epolicy orchestrator
- version/mcafee epolicy orchestrator/5.10.0
- version/mcafee epolicy orchestrator/5.10.0-update_1
- version/mcafee epolicy orchestrator/5.10.0-update_10
- version/mcafee epolicy orchestrator/5.10.0-update_2
- version/mcafee epolicy orchestrator/5.10.0-update_3
- version/mcafee epolicy orchestrator/5.10.0-update_4
- version/mcafee epolicy orchestrator/5.10.0-update_5
- version/mcafee epolicy orchestrator/5.10.0-update_6
- version/mcafee epolicy orchestrator/5.10.0-update_7
- version/mcafee epolicy orchestrator/5.10.0-update_8
- version/mcafee epolicy orchestrator/5.10.0-update_9
- vendor/fujitsu
- canonical/fujitsu m10-1 firmware
- canonical/fujitsu m10-1
- canonical/fujitsu m10-4 firmware
- canonical/fujitsu m10-4
- canonical/fujitsu m10-4s firmware
- canonical/fujitsu m10-4s
- canonical/fujitsu m12-1 firmware
- canonical/fujitsu m12-1
- canonical/fujitsu m12-2 firmware
- canonical/fujitsu m12-2
- canonical/fujitsu m12-2s firmware
- canonical/fujitsu m12-2s
- vendor/nodejs
- canonical/nodejs node.js
- version/nodejs node.js/10.0.0
- version/nodejs node.js/10.12.0
- version/nodejs node.js/10.13.0
- version/nodejs node.js/12.0.0
- version/nodejs node.js/12.12.0
- version/nodejs node.js/12.13.0
- version/nodejs node.js/14.0.0
- version/nodejs node.js/14.14.0
- version/nodejs node.js/15.0.0
- version/nodejs node.js/14.15.0
- vendor/ibm
- canonical/ibm security verify bridge
- version/ibm security verify bridge/all
- package-manager/debian